Package io.jmix.saml.mapper.user
Class SynchronizingSamlUserMapper<T extends JmixSamlUserDetails>
java.lang.Object
io.jmix.saml.mapper.user.BaseSamlUserMapper<T>
io.jmix.saml.mapper.user.SynchronizingSamlUserMapper<T>
- Type Parameters:
T- class of Jmix user
- All Implemented Interfaces:
SamlUserMapper<T>
@NullMarked
public abstract class SynchronizingSamlUserMapper<T extends JmixSamlUserDetails>
extends BaseSamlUserMapper<T>
Implementation of the
SamlUserMapper that maps the external user object to the persistent user
and also stores the user and optionally their role assignment to the database.-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected UnconstrainedDataManagerprotected RoleGrantedAuthorityUtilsprotected SamlAssertionRolesMapperprotected booleanprotected UserRepositoryFields inherited from class io.jmix.saml.mapper.user.BaseSamlUserMapper
locks, samlProperties -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected List<RoleAssignmentEntity> buildRoleAssignmentEntities(String username, Collection<? extends org.springframework.security.core.GrantedAuthority> grantedAuthorities) Returns a class of the user used by the application.protected TinitJmixUser(org.opensaml.saml.saml2.core.Assertion assertion) Returns an instance of Jmix user, which may be either a new instance or an instance loaded from the user repository.booleanWhether role assignment synchronization is enabled.protected voidperformAdditionalModifications(org.opensaml.saml.saml2.core.Assertion assertion, org.springframework.security.saml2.provider.service.authentication.OpenSaml5AuthenticationProvider.ResponseToken responseToken, T jmixUser) Performs additional modifications of Jmix user instance.protected voidpopulateUserAuthorities(org.opensaml.saml.saml2.core.Assertion assertion, T jmixUser) Fills authorities ofjmixUserbased on information from theassertionprotected voidsaveJmixUserAndRoleAssignments(org.opensaml.saml.saml2.core.Assertion assertion, T jmixUser) Saves Jmix user and synchronizes role assignmentsvoidsetSynchronizeRoleAssignments(boolean synchronizeRoleAssignments) Enables role assignment synchronization.protected voidupdateRoleAssignmentsSaveContext(List<RoleAssignmentEntity> existingAssignments, List<RoleAssignmentEntity> actualAssignments, SaveContext saveContext) Fills save context with role assignment operations.Methods inherited from class io.jmix.saml.mapper.user.BaseSamlUserMapper
getSamlUsername, initLocks, populateUserAttributes, toJmixUser
-
Field Details
-
dataManager
-
userRepository
-
rolesMapper
-
roleGrantedAuthorityUtils
-
synchronizeRoleAssignments
protected boolean synchronizeRoleAssignments
-
-
Constructor Details
-
SynchronizingSamlUserMapper
public SynchronizingSamlUserMapper()
-
-
Method Details
-
getApplicationUserClass
Returns a class of the user used by the application. This user is set to the security context. -
initJmixUser
Description copied from class:BaseSamlUserMapperReturns an instance of Jmix user, which may be either a new instance or an instance loaded from the user repository. Attributes and authorities will lately be filled in other methods. The responsibility of the current method is just to create or load an existing instance.- Specified by:
initJmixUserin classBaseSamlUserMapper<T extends JmixSamlUserDetails>- Parameters:
assertion- SAML assertion- Returns:
- new Jmix user instance or Jmix user loaded from user repository
-
populateUserAuthorities
protected void populateUserAuthorities(org.opensaml.saml.saml2.core.Assertion assertion, T jmixUser) Description copied from class:BaseSamlUserMapperFills authorities ofjmixUserbased on information from theassertion- Specified by:
populateUserAuthoritiesin classBaseSamlUserMapper<T extends JmixSamlUserDetails>- Parameters:
assertion- SAML assertionjmixUser- Jmix user instance
-
performAdditionalModifications
protected void performAdditionalModifications(org.opensaml.saml.saml2.core.Assertion assertion, org.springframework.security.saml2.provider.service.authentication.OpenSaml5AuthenticationProvider.ResponseToken responseToken, T jmixUser) Description copied from class:BaseSamlUserMapperPerforms additional modifications of Jmix user instance. Override this method in case you want to do some additional attribute values computations or if you want to do some operations with Jmix user instance, e.g., to store it in the database, like it is done in theSynchronizingSamlUserMapper- Overrides:
performAdditionalModificationsin classBaseSamlUserMapper<T extends JmixSamlUserDetails>- Parameters:
assertion- SAML assertionresponseToken- the object that stores information about the authentication response from SAML providerjmixUser- Jmix user instance
-
saveJmixUserAndRoleAssignments
protected void saveJmixUserAndRoleAssignments(org.opensaml.saml.saml2.core.Assertion assertion, T jmixUser) Saves Jmix user and synchronizes role assignments -
updateRoleAssignmentsSaveContext
protected void updateRoleAssignmentsSaveContext(List<RoleAssignmentEntity> existingAssignments, List<RoleAssignmentEntity> actualAssignments, SaveContext saveContext) Fills save context with role assignment operations.- Parameters:
existingAssignments- Current role assignments in databaseactualAssignments- New role assignments from SAML assertionsaveContext- SaveContext to add remove/save operations
-
buildRoleAssignmentEntities
protected List<RoleAssignmentEntity> buildRoleAssignmentEntities(String username, Collection<? extends org.springframework.security.core.GrantedAuthority> grantedAuthorities) -
isSynchronizeRoleAssignments
public boolean isSynchronizeRoleAssignments()Whether role assignment synchronization is enabled. -
setSynchronizeRoleAssignments
public void setSynchronizeRoleAssignments(boolean synchronizeRoleAssignments) Enables role assignment synchronization. If true then role assignment entities will be stored to the database.
-